Steps to Dissect Android Simplelocker Ransomware

Simplelocker is a ransomware that decrypts files on victims’ android mobile and demands to pay some ransom for decrypting the files.

Earlier there are more types of ransomware are used by the attacker on desktop and laptops like CryptoLocker, Cryptowall where as SimpleLocker was the first ransomware to infect android based mobile phones. Earlier this month ESET detected the ransomware on mobile and came to light about the ransomware that encrypts the files on the SD card.

The malware simplelocker has the capability to collect information on victims mobile like IMEI number, Operating System, Phone model and manufacture details. Simon Bell an Undergraduate student from University of Sussex provide the execution steps of Simplelocker and how to remove it from the mobile without paying any ransom amount and in which he proves the method of the decrypting of files on the attacked mobile device.

In a blog, he explained the static and dynamic analysis of this malware and found the same method used for encrypt () to decrypt (). He also promised to release the antidote for the ransomware.